The National Institute of Standards and Technology has warned that malicious parties will gain control of telework client devices and attempt to capture sensitive data or leverage the devices to gain access to the enterprise network. As the number of people logging in remotely or connecting to cloud-based SAAS [software-as-a-service] applications rises, organizations have an exponential increase in the number of endpoints. This combined with an influx of workers who are new to working remotely increases the opportunities and odds of success for cyberattacks. Organizations should focus on these areas to increase remote-work cybersecurity:
- Establishing and communicating remote-work security policies
- Securing virtual private networks (VPNs)
- Regulating personal-device use
- Addressing authorization and authentication
- Making employees aware of phishing and malware campaigns tailored to the current situation.
- Securing communication and collaboration channels.
- Continuous IT monitoring
Many workers now required to work remotely will conduct company business on their personal smartphone, computer, tablet or other personal asset. This creates a huge risk if the personal device is used by multiple family members, handed down, sold to a third party or improperly disposed of. Encourage employees to strengthen passwords and update to the latest versions of their applications. Enforce the same endpoint security rules for antivirus software and customized firewalls as with employer-managed devices.
To learn more contact us at firstname.lastname@example.org.